1383 lines
51 KiB
Java
1383 lines
51 KiB
Java
|
package weaver.file;
|
|||
|
|
|||
|
|
|||
|
/**
|
|||
|
* Title: hpsales
|
|||
|
* Description: for hp sales system
|
|||
|
* Copyright: Copyright (c) 2001
|
|||
|
* Company: weaver
|
|||
|
*
|
|||
|
* @author liuyu, Charoes Huang
|
|||
|
* @version 1.0 ,2004-6-25
|
|||
|
*/
|
|||
|
|
|||
|
import org.apache.commons.lang.StringEscapeUtils;
|
|||
|
import org.apache.commons.lang.StringUtils;
|
|||
|
import weaver.alioss.AliOSSObjectManager;
|
|||
|
import weaver.conn.RecordSet;
|
|||
|
import weaver.docs.docs.DocManager;
|
|||
|
import weaver.docs.docs.ImageFileIdUpdate;
|
|||
|
import weaver.email.MailCommonUtils;
|
|||
|
import weaver.email.service.MailAliOSSService;
|
|||
|
import weaver.file.multipart.DefaultFileRenamePolicy;
|
|||
|
import weaver.file.multipart.MultipartRequest;
|
|||
|
import weaver.file.multipart.UploadedFile;
|
|||
|
import weaver.file.util.FileSuffixCheckUtil;
|
|||
|
import weaver.file.util.PicCompression;
|
|||
|
import weaver.filter.XssUtil;
|
|||
|
import weaver.general.BaseBean;
|
|||
|
import weaver.general.GCONST;
|
|||
|
import weaver.general.StaticObj;
|
|||
|
import weaver.general.Util;
|
|||
|
import weaver.security.util.SecurityMethodUtil;
|
|||
|
import weaver.system.SystemComInfo;
|
|||
|
|
|||
|
import javax.servlet.http.HttpServletRequest;
|
|||
|
import java.io.*;
|
|||
|
import java.net.URLDecoder;
|
|||
|
import java.util.*;
|
|||
|
import java.util.List;
|
|||
|
import java.util.zip.ZipInputStream;
|
|||
|
|
|||
|
public class FileUpload extends BaseBean {
|
|||
|
private static ImageFileIdUpdate imageFileIdUpdate = new ImageFileIdUpdate();
|
|||
|
|
|||
|
|
|||
|
private MultipartRequest mpdata = null;
|
|||
|
HttpServletRequest request = null;
|
|||
|
private String[] filenames = null;
|
|||
|
private InputStream source = null;
|
|||
|
private ArrayList filesizes = new ArrayList();
|
|||
|
private ArrayList imagewidth = new ArrayList();
|
|||
|
private ArrayList imageheight = new ArrayList();
|
|||
|
private ArrayList delfilerealpaths = new ArrayList();
|
|||
|
private int mailid;
|
|||
|
private boolean needimagewidth = false;
|
|||
|
private boolean needzip = false;
|
|||
|
private boolean needzipencrypt = false;
|
|||
|
private String isaesencrypt = "0";
|
|||
|
private String aescode = "";
|
|||
|
private String remoteAddr = "";
|
|||
|
private XssUtil xss = null;
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request);
|
|||
|
this.request = request;
|
|||
|
this.xss = new XssUtil();
|
|||
|
}
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request, String encode) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, encode);
|
|||
|
this.request = request;
|
|||
|
this.xss = new XssUtil();
|
|||
|
}
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request, String encode, boolean iszip, String isEmail) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request) && "1".equals(isEmail)) mpdata = getEmailAttachment(request, encode, iszip);
|
|||
|
this.request = request;
|
|||
|
this.xss = new XssUtil();
|
|||
|
}
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request, String encode, boolean iszip) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, encode, iszip);
|
|||
|
this.request = request;
|
|||
|
this.xss = new XssUtil();
|
|||
|
}
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request, String encode, boolean iszip, boolean isoriginal) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, encode, iszip, isoriginal);
|
|||
|
this.request = request;
|
|||
|
this.xss = new XssUtil();
|
|||
|
}
|
|||
|
|
|||
|
//modify by mackjoe at 2005-11-28 td3282 获得request对象
|
|||
|
public HttpServletRequest getRequest() {
|
|||
|
return request;
|
|||
|
}
|
|||
|
|
|||
|
//for license upload by chenyingjie 2003-06-26
|
|||
|
public FileUpload(HttpServletRequest request, boolean iszip) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, iszip);
|
|||
|
this.request = request;
|
|||
|
}
|
|||
|
|
|||
|
public FileUpload(HttpServletRequest request, boolean iszip, boolean isaesencrypt) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, iszip, isaesencrypt);
|
|||
|
this.request = request;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
//for homepage image upload by dongping 2006-8-24
|
|||
|
public FileUpload(HttpServletRequest request, boolean iszip, String strDirAddr) {
|
|||
|
this.remoteAddr = request.getRemoteAddr();
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, iszip, strDirAddr);
|
|||
|
this.request = request;
|
|||
|
}
|
|||
|
|
|||
|
//html模板图片保存
|
|||
|
public FileUpload(HttpServletRequest request, boolean iszip, boolean encoding, String strDirAddr) {
|
|||
|
this.remoteAddr = Util.getIpAddr(request);
|
|||
|
if (isMultipartData(request)) mpdata = getAttachment(request, iszip, encoding, strDirAddr);
|
|||
|
this.request = request;
|
|||
|
}
|
|||
|
|
|||
|
public Hashtable getUploadImgNames() {
|
|||
|
String el = "", imgpath = "", imgname = "";
|
|||
|
Hashtable ht = new Hashtable();
|
|||
|
for (Enumeration e = mpdata.getFileUploadNames(); e.hasMoreElements(); ) {
|
|||
|
el = (String) e.nextElement();
|
|||
|
if (el.indexOf("docimages_") == -1) continue;
|
|||
|
imgpath = Util.null2String(mpdata.getFilePath(el));
|
|||
|
imgname = Util.null2String(mpdata.getFileName(el));
|
|||
|
if (imgpath.equals("") || imgname.equals("")) continue;
|
|||
|
String elNumber = el.substring(el.indexOf("_") + 1, el.length());
|
|||
|
ht.put(elNumber, imgpath + imgname);
|
|||
|
|
|||
|
}
|
|||
|
return ht;
|
|||
|
}
|
|||
|
|
|||
|
public Hashtable getUploadFileNames() {
|
|||
|
String el = "", imgpath = "", imgname = "";
|
|||
|
Hashtable ht = new Hashtable();
|
|||
|
for (Enumeration e = mpdata.getFileUploadNames(); e.hasMoreElements(); ) {
|
|||
|
el = (String) e.nextElement();
|
|||
|
UploadedFile uploadedFile = mpdata.getUploadedFile(el);
|
|||
|
ht.put(el, uploadedFile);
|
|||
|
}
|
|||
|
return ht;
|
|||
|
}
|
|||
|
|
|||
|
//modify by xhheng @20050315 for 流程附件上传
|
|||
|
public String getRemoteAddr() {
|
|||
|
return remoteAddr;
|
|||
|
}
|
|||
|
|
|||
|
public String getParameter(String key) throws RuntimeException {
|
|||
|
if (!isMultipartData(request)) return Util.null2String(request.getParameter(key));
|
|||
|
if (mpdata == null) return "";
|
|||
|
// return Util.null2String(mpdata.getParameter(key)) ;
|
|||
|
|
|||
|
try {
|
|||
|
String value = Util.null2String(mpdata.getParameter(key));
|
|||
|
if (!value.equals("")) {//特殊参数需要从paramsMap中获取
|
|||
|
if (value.startsWith(XssUtil.__RANDOM__)) {
|
|||
|
//xssUtil.cacheKey(Util.null2String(Thread.currentThread().hashCode()),value);
|
|||
|
return xss.get(value);
|
|||
|
}
|
|||
|
}
|
|||
|
return new String(value.getBytes("ISO8859_1"), "UTF-8");
|
|||
|
} catch (Exception ex) {
|
|||
|
return "";
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
public String getParameter2(String key) {
|
|||
|
if (!isMultipartData(request)) return Util.null2String(request.getParameter(key));
|
|||
|
if (mpdata == null) return "";
|
|||
|
String value = Util.null2String(mpdata.getParameter(key));
|
|||
|
return value;
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 本方法返回值不会对null进行特殊处理,如果是null则直接返回null,
|
|||
|
* 如果是空字符串("")则直接返回空字符串("")。
|
|||
|
*
|
|||
|
* @param key
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public String getParameter3(String key) {
|
|||
|
if (!isMultipartData(request)) {
|
|||
|
return request.getParameter(key);
|
|||
|
}
|
|||
|
if (mpdata == null) {
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
String value = mpdata.getParameter(key);
|
|||
|
if (value == null) {
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
try {
|
|||
|
return new String(value.getBytes("ISO8859_1"), "UTF-8");
|
|||
|
} catch (Exception ex) {
|
|||
|
return value;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public String[] getParameters(String key) {
|
|||
|
if (!isMultipartData(request)) return request.getParameterValues(key);
|
|||
|
if (mpdata == null) return null;
|
|||
|
String[] values = mpdata.getParameterValues(key);
|
|||
|
return values;
|
|||
|
}
|
|||
|
|
|||
|
public Enumeration getParameterNames() {
|
|||
|
if (!isMultipartData(request)) return request.getParameterNames();
|
|||
|
if (mpdata == null) return null;
|
|||
|
return mpdata.getParameterNames();
|
|||
|
}
|
|||
|
|
|||
|
public String[] getParameterValues(String name) {
|
|||
|
if (!isMultipartData(request)) return request.getParameterValues(name);
|
|||
|
if (mpdata == null) return null;
|
|||
|
String[] values = mpdata.getParameterValues(name);
|
|||
|
return values;
|
|||
|
}
|
|||
|
|
|||
|
public String[] getParameterValues2(String name) {
|
|||
|
String[] values = null;
|
|||
|
if (!isMultipartData(request)) {
|
|||
|
values = request.getParameterValues(name);
|
|||
|
String[] multivalues = new String[values.length];
|
|||
|
try {
|
|||
|
for (int i = 0; i < values.length; i++) {
|
|||
|
multivalues[i] = new String(Util.null2String(values[i]).getBytes("ISO8859_1"), "UTF-8");
|
|||
|
}
|
|||
|
} catch (UnsupportedEncodingException e) {
|
|||
|
e.printStackTrace();
|
|||
|
}
|
|||
|
return multivalues;
|
|||
|
}
|
|||
|
if (mpdata == null) return null;
|
|||
|
values = mpdata.getParameterValues(name);
|
|||
|
String[] multivalues = new String[values.length];
|
|||
|
try {
|
|||
|
for (int i = 0; i < values.length; i++) {
|
|||
|
multivalues[i] = new String(Util.null2String(values[i]).getBytes("ISO8859_1"), "UTF-8");
|
|||
|
}
|
|||
|
} catch (UnsupportedEncodingException e) {
|
|||
|
e.printStackTrace();
|
|||
|
}
|
|||
|
return multivalues;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
public String getFileName() {
|
|||
|
return this.filenames[0].replace("'", "’");
|
|||
|
}
|
|||
|
|
|||
|
public String[] getFileNames() {
|
|||
|
return this.filenames;
|
|||
|
}
|
|||
|
|
|||
|
public void setFileNames(String[] filenames) {
|
|||
|
this.filenames = filenames;
|
|||
|
}
|
|||
|
|
|||
|
public int getFileSize() {
|
|||
|
return Util.getIntValue((String) this.filesizes.get(0));
|
|||
|
}
|
|||
|
|
|||
|
public int[] getFileSizes() {
|
|||
|
int[] filesizearr = new int[filesizes.size()];
|
|||
|
for (int i = 0; i < filesizes.size(); i++) filesizearr[i] = Util.getIntValue((String) this.filesizes.get(i));
|
|||
|
return filesizearr;
|
|||
|
}
|
|||
|
|
|||
|
public void setFileSizes(ArrayList filesizes) {
|
|||
|
this.filesizes = filesizes;
|
|||
|
}
|
|||
|
|
|||
|
public int getWidth() {
|
|||
|
return Util.getIntValue((String) this.imagewidth.get(0));
|
|||
|
}
|
|||
|
|
|||
|
public int getHeight() {
|
|||
|
return Util.getIntValue((String) this.imageheight.get(0));
|
|||
|
}
|
|||
|
|
|||
|
public int[] getWidths() {
|
|||
|
int[] imagewidtharr = new int[imagewidth.size()];
|
|||
|
for (int i = 0; i < imagewidth.size(); i++)
|
|||
|
imagewidtharr[i] = Util.getIntValue((String) this.imagewidth.get(i));
|
|||
|
return imagewidtharr;
|
|||
|
}
|
|||
|
|
|||
|
public int[] getHeights() {
|
|||
|
int[] imageheightarr = new int[imageheight.size()];
|
|||
|
for (int i = 0; i < imageheight.size(); i++)
|
|||
|
imageheightarr[i] = Util.getIntValue((String) this.imageheight.get(i));
|
|||
|
return imageheightarr;
|
|||
|
}
|
|||
|
|
|||
|
public void setMailid(int mailid) {
|
|||
|
this.mailid = mailid;
|
|||
|
}
|
|||
|
|
|||
|
public int getMailid() {
|
|||
|
return mailid;
|
|||
|
}
|
|||
|
|
|||
|
public void needImagewidth(boolean needimagewidth) {
|
|||
|
this.needimagewidth = needimagewidth;
|
|||
|
}
|
|||
|
|
|||
|
public ArrayList getDelFilerealpaths() {
|
|||
|
return delfilerealpaths;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
public String uploadFiles(String uploadname) {
|
|||
|
String[] uploadnames = new String[1];
|
|||
|
uploadnames[0] = uploadname;
|
|||
|
String paramFileName = this.getParameter("name"); //获取参数当中的文件名
|
|||
|
//String[] filenames = uploadFiles(uploadnames) ;
|
|||
|
String[] filenames = uploadFiles(uploadnames, paramFileName);
|
|||
|
if (filenames == null || filenames.length < 1) {
|
|||
|
return null;
|
|||
|
}
|
|||
|
return filenames[0];
|
|||
|
}
|
|||
|
|
|||
|
//add by liuy 20190705 start
|
|||
|
/* 上传文件文件名IOS系统出现错误问题修复
|
|||
|
*
|
|||
|
*/
|
|||
|
public String[] uploadFiles(String[] uploadnames, String paramFileName) {
|
|||
|
if (mpdata == null) return null;
|
|||
|
|
|||
|
int upload_numbers = uploadnames.length;
|
|||
|
String[] fileids = new String[upload_numbers];
|
|||
|
this.filenames = new String[upload_numbers];
|
|||
|
for (int i = 0; i < upload_numbers; i++) {
|
|||
|
filenames[i] = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadnames[i]));
|
|||
|
if (filenames[i] == null || "".equals(filenames[i])) {
|
|||
|
return fileids;
|
|||
|
}
|
|||
|
//满足三个条件,否则走else;
|
|||
|
//1 请求参数未包含文件名
|
|||
|
//2 有请求参数并且和上传文件流里的文件名参数一致
|
|||
|
//3 值不一致,但是文件流里的文件名为file,防止 IOS篡改
|
|||
|
if (StringUtils.isBlank(paramFileName) || paramFileName.equals(filenames[i]) || (!paramFileName.equals(filenames[i]) && !"file".equals(filenames[i]))) {
|
|||
|
fileids[i] = saveFile(uploadnames[i], mpdata);
|
|||
|
} else {
|
|||
|
filenames[i] = paramFileName; //修改文件名
|
|||
|
fileids[i] = saveFile(uploadnames[i], paramFileName, mpdata);
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
return fileids;
|
|||
|
}
|
|||
|
|
|||
|
public String[] uploadFiles(String[] uploadnames) {
|
|||
|
if (mpdata == null) return null;
|
|||
|
int upload_numbers = uploadnames.length;
|
|||
|
String[] fileids = new String[upload_numbers];
|
|||
|
this.filenames = new String[upload_numbers];
|
|||
|
for (int i = 0; i < upload_numbers; i++) {
|
|||
|
filenames[i] = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadnames[i]));
|
|||
|
if (filenames[i] != null && !filenames[i].equals("")) {
|
|||
|
fileids[i] = saveFile(uploadnames[i], mpdata);
|
|||
|
}
|
|||
|
}
|
|||
|
return fileids;
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 处理邮件模块上传的附件存储
|
|||
|
*
|
|||
|
* @param uploadname
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public String uploadFilesToEmail(String uploadname) {
|
|||
|
String[] uploadnames = new String[1];
|
|||
|
uploadnames[0] = uploadname;
|
|||
|
String[] filenames = uploadFilesToEmail(uploadnames);
|
|||
|
return filenames[0];
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 处理邮件模块上传的附件存储
|
|||
|
*
|
|||
|
* @param uploadnames
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public String[] uploadFilesToEmail(String[] uploadnames) {
|
|||
|
if (mpdata == null) return null;
|
|||
|
int upload_numbers = uploadnames.length;
|
|||
|
String[] fileids = new String[upload_numbers];
|
|||
|
this.filenames = new String[upload_numbers];
|
|||
|
for (int i = 0; i < upload_numbers; i++) {
|
|||
|
filenames[i] = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadnames[i]));
|
|||
|
if (filenames[i] != null && !filenames[i].equals("")) {
|
|||
|
fileids[i] = saveFileToEmail(uploadnames[i], mpdata);
|
|||
|
}
|
|||
|
}
|
|||
|
return fileids;
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 保存邮件附件记录到mailresourcefile表。
|
|||
|
*
|
|||
|
* @param uploadname
|
|||
|
* @param mpdata
|
|||
|
* @return
|
|||
|
*/
|
|||
|
private synchronized String saveFileToEmail(String uploadname, MultipartRequest mpdata) {
|
|||
|
String imageid = "";
|
|||
|
String filepath = mpdata.getFilePath(uploadname);
|
|||
|
String filename = mpdata.getFileName(uploadname);
|
|||
|
String originalfilename = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadname));
|
|||
|
writeLog("-saveFileToEmail-filename:" + filename + "-originalfilename:" + originalfilename);
|
|||
|
originalfilename = StringEscapeUtils.unescapeHtml(originalfilename);
|
|||
|
writeLog("-saveFileToEmail-unescapeHtml-originalfilename:" + originalfilename);
|
|||
|
String contenttype = mpdata.getContentType(uploadname);
|
|||
|
long filesize = mpdata.getFileSize(uploadname);
|
|||
|
String filerealpath = filepath + filename;
|
|||
|
// WeavermailComInfo wmc = new WeavermailComInfo() ;
|
|||
|
String isfileattrachment = "1";// wmc.getCurrentFileAttachment() ;
|
|||
|
String fileContentId = "";// wmc.getCurrentFileContentId();
|
|||
|
String isEncoded = "";// wmc.getCurrentFilenameencode();
|
|||
|
String secretLevel = Util.null2s(getParameter("secretLevel"), "4");
|
|||
|
String secretDeadline = Util.null2s(getParameter("secretLevelValidity"), "");
|
|||
|
|
|||
|
//判断实体文件是否存在,如果不存在,保存失败。
|
|||
|
File file = new File(filerealpath);
|
|||
|
if (!file.exists()) {
|
|||
|
writeLog("检测到实体文件不存在,附件上传失败.originalfilename=" + originalfilename + ",filerealpath=" + filerealpath);
|
|||
|
return imageid;
|
|||
|
}
|
|||
|
|
|||
|
String iszip = "0";
|
|||
|
String isencrypt = "0";
|
|||
|
if (needzip) iszip = "1";
|
|||
|
if (needzipencrypt) isencrypt = "1";
|
|||
|
|
|||
|
originalfilename = escapeSpecialCharactersForFileName(originalfilename);
|
|||
|
|
|||
|
RecordSet rs = new RecordSet();
|
|||
|
char separator = Util.getSeparator();
|
|||
|
String mailFileUUID = MailCommonUtils.getRandomUUID();
|
|||
|
String para = "0" + separator + originalfilename + separator + contenttype + separator + filerealpath
|
|||
|
+ separator + iszip + separator + isencrypt + separator + isfileattrachment + separator + fileContentId
|
|||
|
+ separator + isEncoded + separator + String.valueOf(filesize) + separator + mailFileUUID;
|
|||
|
rs.executeProc("MailResourceFile_Insert", para);
|
|||
|
rs.executeQuery("select id from MailResourceFile where mrf_uuid = ?", mailFileUUID);
|
|||
|
if (rs.next()) {
|
|||
|
imageid = rs.getString("id");
|
|||
|
}
|
|||
|
|
|||
|
// 更新加密信息
|
|||
|
rs.executeUpdate("update MailResourceFile set isaesencrypt=?, aescode=?, secretLevel=?, secretDeadline=? where id=?", isaesencrypt, aescode, secretLevel, secretDeadline, imageid);
|
|||
|
|
|||
|
//处理oss存储逻辑
|
|||
|
MailAliOSSService mailAliOSSService = new MailAliOSSService();
|
|||
|
mailAliOSSService.updateFileToOSSByUUID(mailFileUUID);
|
|||
|
|
|||
|
return imageid;
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 过滤附件名称里的特殊字符,防止入库 是出现 问号?
|
|||
|
*
|
|||
|
* @param fileName
|
|||
|
* @return
|
|||
|
*/
|
|||
|
private String escapeSpecialCharactersForFileName(String fileName) {
|
|||
|
fileName = Util.null2String(fileName);
|
|||
|
|
|||
|
fileName = fileName.replaceAll("(\r\n|\r|\n|\n\r)", "").replaceAll("\t", ""); // 替换换行符,tab符
|
|||
|
|
|||
|
//替换英文半角字符,防止半角字符展示为?问号 https://tbatm.iteye.com/blog/2196068
|
|||
|
byte bytes[] = {(byte) 0xC2, (byte) 0xA0};
|
|||
|
try {
|
|||
|
String UTFSpace = new String(bytes, "utf-8");
|
|||
|
fileName = fileName.replaceAll(UTFSpace, " ");
|
|||
|
} catch (UnsupportedEncodingException e) {
|
|||
|
e.printStackTrace();
|
|||
|
}
|
|||
|
return fileName;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/**
|
|||
|
* 处理邮件模块上传的附件存储
|
|||
|
*
|
|||
|
* @param uploadnames
|
|||
|
* @param withsave
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public ArrayList uploadFilesToMail(String[] uploadnames, String withsave) {
|
|||
|
if (mpdata == null) return null;
|
|||
|
int upload_numbers = uploadnames.length;
|
|||
|
ArrayList filecontents = new ArrayList();
|
|||
|
this.filenames = new String[upload_numbers];
|
|||
|
for (int i = 0; i < upload_numbers; i++) {
|
|||
|
String tempfilename = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadnames[i]));
|
|||
|
if (tempfilename != null && !tempfilename.equals("")) {
|
|||
|
filenames[i] = tempfilename;
|
|||
|
filecontents.add(getFileContent(uploadnames[i], mpdata, withsave));
|
|||
|
}
|
|||
|
}
|
|||
|
return filecontents;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, "", isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, String encoding) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, encoding, isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
private MultipartRequest getEmailAttachment(HttpServletRequest req, String encoding, boolean iszip) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
|
|||
|
// String createdir = getCreateDir(syscominfo.getFilesystem()) ;
|
|||
|
String createdir = GCONST.getRootPath() + "filesystem" + File.separatorChar;
|
|||
|
createdir = getCreateDir(createdir + File.separatorChar);
|
|||
|
RecordSet rs = new RecordSet();
|
|||
|
rs.execute("select filePath from MailConfigureInfo");
|
|||
|
while (rs.next()) {
|
|||
|
String emailpath = rs.getString("filePath");
|
|||
|
if (!"".equals(emailpath)) {
|
|||
|
createdir = getCreateDir(emailpath + File.separatorChar);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
needzip = iszip;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, encoding, isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
protected MultipartRequest getAttachment(HttpServletRequest req, String encoding, boolean iszip) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
needzip = iszip;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, encoding, isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, String encoding, boolean iszip, boolean original) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = null;
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
isaesencrypt = "0";
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
needzip = false;
|
|||
|
if (!original) {
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
needzip = iszip;
|
|||
|
}
|
|||
|
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, encoding, isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
//for license upload by chenyingjie 2003-06-26
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, boolean iszip) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
if (!iszip) needzip = false;
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, "", isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, boolean iszip, boolean isaesencryptBoolean) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
String createdir = getCreateDir(syscominfo.getFilesystem());
|
|||
|
if (isaesencryptBoolean) {
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
}
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
// if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
if (!iszip) needzip = false;
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, "", isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
public List getFiles() {
|
|||
|
if (mpdata == null) return null;
|
|||
|
return mpdata.getFiles();
|
|||
|
}
|
|||
|
|
|||
|
//for homepage edit by dongping 2006-08-24
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, boolean iszip, String strDirAddr) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
//String createdir = getCreateDir(syscominfo.getFilesystem()) ;
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
String createdir = getCreateDir(GCONST.getRootPath() + strDirAddr);
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
//if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
if (!iszip) needzip = false;
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, "", isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
//html模板图片保存
|
|||
|
private MultipartRequest getAttachment(HttpServletRequest req, boolean iszip, boolean encoding, String strDirAddr) {
|
|||
|
if (isMultipartData(req))
|
|||
|
try {
|
|||
|
DefaultFileRenamePolicy defpolicy = new DefaultFileRenamePolicy();
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
//String createdir = getCreateDir(syscominfo.getFilesystem()) ;
|
|||
|
isaesencrypt = syscominfo.getIsaesencrypt();
|
|||
|
if (!encoding) isaesencrypt = "0";
|
|||
|
aescode = Util.getRandomString(13);
|
|||
|
String createdir = getCreateDir(GCONST.getRootPath() + strDirAddr);
|
|||
|
if ((syscominfo.getNeedzip()).equals("1")) needzip = true;
|
|||
|
//if( (syscominfo.getNeedzipencrypt()).equals("1") ) needzipencrypt = true ;
|
|||
|
|
|||
|
if (!iszip) needzip = false;
|
|||
|
return new MultipartRequest(req, createdir, req.getContentLength(), defpolicy, needzip, needzipencrypt, "", isaesencrypt, aescode);
|
|||
|
} catch (Exception ex) {
|
|||
|
writeLog(ex);
|
|||
|
return null;
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
private InputStream getFileContent(String uploadname, MultipartRequest mpdata, String withsave) {
|
|||
|
if (withsave.equals("1") || withsave.equals("2")) {
|
|||
|
|
|||
|
String filepath = mpdata.getFilePath(uploadname);
|
|||
|
String filename = mpdata.getFileName(uploadname);
|
|||
|
String originalfilename = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadname));
|
|||
|
String contenttype = mpdata.getContentType(uploadname);
|
|||
|
long filesize = mpdata.getFileSize(uploadname);
|
|||
|
String filerealpath = filepath + filename;
|
|||
|
//WeavermailComInfo wmc = new WeavermailComInfo() ;
|
|||
|
String isfileattrachment = "1";//wmc.getCurrentFileAttachment() ;
|
|||
|
String fileContentId = "";//wmc.getCurrentFileContentId();
|
|||
|
String isEncoded = "";//wmc.getCurrentFilenameencode();
|
|||
|
|
|||
|
String iszip = "0";
|
|||
|
String isencrypt = "0";
|
|||
|
if (needzip) iszip = "1";
|
|||
|
if (needzipencrypt) isencrypt = "1";
|
|||
|
|
|||
|
RecordSet rs = new RecordSet();
|
|||
|
char separator = Util.getSeparator();
|
|||
|
|
|||
|
String para = "" + mailid + separator + originalfilename + separator
|
|||
|
+ contenttype + separator + filerealpath + separator
|
|||
|
+ iszip + separator + isencrypt + separator + isfileattrachment + separator
|
|||
|
+ fileContentId + separator + isEncoded + separator + String.valueOf(filesize);
|
|||
|
|
|||
|
rs.executeProc("MailResourceFile_Insert", para);
|
|||
|
} else {
|
|||
|
String filepath = mpdata.getFilePath(uploadname);
|
|||
|
String filename = mpdata.getFileName(uploadname);
|
|||
|
String filerealpath = filepath + filename;
|
|||
|
delfilerealpaths.add(filerealpath);
|
|||
|
}
|
|||
|
|
|||
|
try {
|
|||
|
File thefile = mpdata.getFile(uploadname);
|
|||
|
if (needzip) {
|
|||
|
ZipInputStream zin = new ZipInputStream(new FileInputStream(thefile));
|
|||
|
if (zin.getNextEntry() != null) source = new BufferedInputStream(zin);
|
|||
|
} else source = new BufferedInputStream(new FileInputStream(thefile));
|
|||
|
} catch (Exception e) {
|
|||
|
writeLog(e);
|
|||
|
}
|
|||
|
|
|||
|
return source;
|
|||
|
|
|||
|
/* 原有的存储附件数据在数据库中的方式
|
|||
|
|
|||
|
boolean isoracle = (statement.getDBType()).equals("oracle") ;
|
|||
|
|
|||
|
try {
|
|||
|
statement = new ConnStatement();
|
|||
|
|
|||
|
File thefile = mpdata.getFile(uploadname) ;
|
|||
|
int fileLength = new Long(thefile.length()).intValue();
|
|||
|
source = new BufferedInputStream(new FileInputStream(thefile),500*1024) ;
|
|||
|
|
|||
|
String sql = "" ;
|
|||
|
|
|||
|
if( isoracle) {
|
|||
|
sql = "insert into MailResourceFile(mailid,filename,attachfile,filetype) values(?,?,empty_blob(),?)";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.setInt(1,mailid);
|
|||
|
statement.setString(2,filename) ;
|
|||
|
statement.setString(3,contenttype) ;
|
|||
|
statement.executeUpdate();
|
|||
|
|
|||
|
sql = "select rownum, attachfile from ( select attachfile from MailResourceFile order by id desc ) where rownum = 1 " ;
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
statement.next() ;
|
|||
|
BLOB theblob = statement.getBlob(2) ;
|
|||
|
|
|||
|
int bytesize = theblob.getBufferSize() ;
|
|||
|
byte[] buffer = new byte[bytesize] ;
|
|||
|
OutputStream outstream = theblob.getBinaryOutputStream() ;
|
|||
|
int length = -1 ;
|
|||
|
|
|||
|
while((length = source.read(buffer)) != -1)
|
|||
|
outstream.write(buffer, 0 , length) ;
|
|||
|
outstream.close() ;
|
|||
|
}
|
|||
|
else {
|
|||
|
sql = "insert into MailResourceFile(mailid,filename,attachfile,filetype) values(?,?,?,?)";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.setInt(1,mailid);
|
|||
|
statement.setString(2,filename) ;
|
|||
|
statement.setBinaryStream(3,source,fileLength);
|
|||
|
statement.setString(4,contenttype) ;
|
|||
|
statement.executeUpdate();
|
|||
|
}
|
|||
|
|
|||
|
source.close() ;
|
|||
|
thefile.delete() ;
|
|||
|
|
|||
|
if(withsave.equals("1")) {
|
|||
|
sql = "select max(id) from MailResourceFile " ;
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
statement.next() ;
|
|||
|
int fileid = statement.getInt(1) ;
|
|||
|
|
|||
|
sql = "select attachfile from MailResourceFile where id = " + fileid;
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
statement.next() ;
|
|||
|
byte[] imagebyte = null ;
|
|||
|
if( isoracle ) imagebyte = statement.getBlobByte("attachfile") ;
|
|||
|
else imagebyte = statement.getBytes("attachfile") ;
|
|||
|
source = new BufferedInputStream(new ByteArrayInputStream(imagebyte),500*1024) ;
|
|||
|
}
|
|||
|
statement.close() ;
|
|||
|
|
|||
|
|
|||
|
}catch(Exception ex){}
|
|||
|
}
|
|||
|
return source ; */
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
private synchronized String saveFile(String uploadname, MultipartRequest mpdata) {
|
|||
|
|
|||
|
int imageid = 0;
|
|||
|
String filepath = mpdata.getFilePath(uploadname);
|
|||
|
String filename = mpdata.getFileName(uploadname);
|
|||
|
String originalfilename = SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadname));
|
|||
|
String contenttype = mpdata.getContentType(uploadname);
|
|||
|
long filesize = mpdata.getFileSize(uploadname);
|
|||
|
|
|||
|
String _imagefilename = Util.null2String(getParameter("imagefilename"));
|
|||
|
String __originalfilename = Util.null2String(originalfilename);
|
|||
|
String _extname = __originalfilename.contains(".") ? __originalfilename.substring(__originalfilename.indexOf(".")) : "";
|
|||
|
if (!_imagefilename.isEmpty() && ("".equals(_extname) || _imagefilename.endsWith(_extname))) {
|
|||
|
originalfilename = _imagefilename;
|
|||
|
}
|
|||
|
|
|||
|
if (filesize == 0) {
|
|||
|
writeLog("^^^^^^^^^(文件大小为0)(" + originalfilename + ")^^^^^^^^^^^filepath=" + filepath + filename);
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
String filerealpath = filepath + filename;
|
|||
|
int fieldId = Util.getIntValue(getParameter("fieldId"));
|
|||
|
int workflowId = Util.getIntValue(getParameter("workflowId"));
|
|||
|
/*
|
|||
|
* QC675390概述:前后台增加附件上传格式控制
|
|||
|
* 如果上传文件的文件名后缀不符合配置文件中的要求,则不上传
|
|||
|
*/
|
|||
|
if (!FileSuffixCheckUtil.isEnableUpload(originalfilename) || (fieldId > 0 && workflowId > 0 && !checkFileSuffix(originalfilename, fieldId, workflowId))) {
|
|||
|
writeLog("^^^^^^^^^(文件拦截)(" + originalfilename + ")^^^^^^^^^^^filepath=" + filepath + filename);
|
|||
|
File _tempFile = new File(filerealpath);
|
|||
|
// 如果文件存在,且是文件,删除
|
|||
|
if (_tempFile.exists() && _tempFile.isFile()) {
|
|||
|
FileSecurityUtil.deleteFile(_tempFile);
|
|||
|
// _tempFile.delete();
|
|||
|
}
|
|||
|
return null;
|
|||
|
}
|
|||
|
//tagtag需要压缩图片
|
|||
|
//System.out.println("contenttype:"+ contenttype);
|
|||
|
//System.out.println("filerealpath:"+ filerealpath);
|
|||
|
String needCompressionPic = (String) this.request.getAttribute("needCompressionPic");
|
|||
|
if ("1".equals(needCompressionPic) && !needzip) {
|
|||
|
PicCompression picCompression = new PicCompression();
|
|||
|
String s = picCompression.compress(filerealpath, 1280, 1024, 1);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
String imagefileused = "1";
|
|||
|
String iszip = "0";
|
|||
|
String isencrypt = "0";
|
|||
|
if (needzip) iszip = "1";
|
|||
|
if (needzipencrypt) isencrypt = "1";
|
|||
|
|
|||
|
|
|||
|
RecordSet rs = new RecordSet();
|
|||
|
char separator = Util.getSeparator();
|
|||
|
|
|||
|
//rs.executeProc("SequenceIndex_SelectFileid" , "" );
|
|||
|
//if( rs.next() ) imageid = Util.getIntValue(rs.getString(1));
|
|||
|
imageid = imageFileIdUpdate.getImageFileNewId();
|
|||
|
String originalfilenameflag = originalfilename;
|
|||
|
try {
|
|||
|
// if(UrlEncoderUtils.hasUrlEncoded(originalfilename)){
|
|||
|
//originalfilename = originalfilename.replaceAll("[%]","%25").replaceAll("[+]","%2B");
|
|||
|
originalfilename = URLDecoder.decode(originalfilename, "utf-8");
|
|||
|
// }
|
|||
|
} catch (Exception e) {
|
|||
|
originalfilename = originalfilenameflag;
|
|||
|
//e.printStackTrace();
|
|||
|
}
|
|||
|
|
|||
|
String para = "" + imageid + separator + originalfilename + separator
|
|||
|
+ contenttype + separator + imagefileused + separator + filerealpath + separator
|
|||
|
+ iszip + separator + isencrypt + separator + filesize;
|
|||
|
|
|||
|
rs.executeProc("ImageFile_Insert", para);
|
|||
|
AliOSSObjectManager aliOSSObjectManager = new AliOSSObjectManager();
|
|||
|
String tokenKey = aliOSSObjectManager.getTokenKeyByFileRealPath(filerealpath);
|
|||
|
String secretLevel = Util.null2s(getParameter("secretLevel"), DocManager.DEFAILT_SECRET_LEVEL + "");
|
|||
|
String secretValidity = Util.null2s(getParameter("secretLevelValidity"), "");
|
|||
|
String name = Util.null2s(getParameter("name"), "");
|
|||
|
String sql = "update imagefile set isaesencrypt=" + isaesencrypt + ", aescode='" + aescode + "',TokenKey='" + tokenKey + "',secretLevel=" + secretLevel + ",secretValidity='" + secretValidity + "' where imagefileid=" + imageid;
|
|||
|
// rs.writeLog("fileupload1111-----fileid:"+imageid+"---name:"+name+"--secretLevel:"+secretLevel+"--secretValidity:"+secretValidity+"--sql"+sql);
|
|||
|
// 更新加密信息
|
|||
|
rs.executeUpdate(sql);
|
|||
|
|
|||
|
|
|||
|
try { // add by liuyu to get image file width and height
|
|||
|
if (contenttype.indexOf("image") != -1 && needimagewidth) {
|
|||
|
File thefile = mpdata.getFile(uploadname);
|
|||
|
long fileLength = thefile.length();
|
|||
|
filesizes.add("" + fileLength);
|
|||
|
|
|||
|
if (needzip) {
|
|||
|
ZipInputStream zin = new ZipInputStream(new FileInputStream(thefile));
|
|||
|
if (zin.getNextEntry() != null) source = new BufferedInputStream(zin);
|
|||
|
} else source = new BufferedInputStream(new FileInputStream(thefile));
|
|||
|
|
|||
|
if (isaesencrypt.equals("1")) {
|
|||
|
source = AESCoder.decrypt(source, aescode);
|
|||
|
}
|
|||
|
//byte[] imagebyte = new byte[64*1024] ;
|
|||
|
//StringBuffer buf = new StringBuffer();
|
|||
|
//while (source.read(imagebyte, 0, imagebyte.length) != -1) buf.append(imagebyte);
|
|||
|
//ByteArraySeekableStream bs = new ByteArraySeekableStream((buf.toString()).getBytes()) ;
|
|||
|
//RenderedOp bimage = JAI.create("stream", bs);
|
|||
|
//imagewidth.add(""+bimage.getWidth()) ;
|
|||
|
//imageheight.add(""+bimage.getHeight()) ;
|
|||
|
|
|||
|
|
|||
|
ImageInfo ii = new ImageInfo();
|
|||
|
ii.setInput(source);
|
|||
|
if (!ii.check()) {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
} else {
|
|||
|
imagewidth.add("" + ii.getWidth());
|
|||
|
imageheight.add("" + ii.getHeight());
|
|||
|
}
|
|||
|
} else {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
filesizes.add("0");
|
|||
|
}
|
|||
|
} catch (Exception imgex) {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
filesizes.add("0");
|
|||
|
}
|
|||
|
|
|||
|
return imageid + "";
|
|||
|
|
|||
|
/* 原有的存储附件数据在数据库中的方式
|
|||
|
|
|||
|
try {
|
|||
|
File thefile = mpdata.getFile(uploadname) ;
|
|||
|
int fileLength = new Long(thefile.length()).intValue();
|
|||
|
source = new BufferedInputStream(new FileInputStream(thefile),500*1024) ;
|
|||
|
|
|||
|
filesizes.add(""+fileLength) ;
|
|||
|
|
|||
|
statement = new ConnStatement();
|
|||
|
boolean isoracle = (statement.getDBType()).equals("oracle") ;
|
|||
|
|
|||
|
String sql = "select currentid from SequenceIndex where indexdesc='imagefileid'";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
|
|||
|
if(statement.next()){
|
|||
|
imageid = statement.getInt("currentid");
|
|||
|
}
|
|||
|
|
|||
|
sql = "update SequenceIndex set currentid=? where indexdesc='imagefileid'";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.setInt(1,imageid+1);
|
|||
|
statement.executeUpdate();
|
|||
|
|
|||
|
if( isoracle) {
|
|||
|
sql = "insert into ImageFile values(?,?,?,empty_blob(),?)";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.setInt(1,imageid);
|
|||
|
statement.setString(2,filename) ;
|
|||
|
statement.setString(3,contenttype) ;
|
|||
|
statement.setInt(4,1);
|
|||
|
statement.executeUpdate();
|
|||
|
|
|||
|
sql = "select imagefile from ImageFile where imagefileid = " + imageid ;
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
statement.next() ;
|
|||
|
BLOB theblob = statement.getBlob(1) ;
|
|||
|
|
|||
|
int bytesize = theblob.getBufferSize() ;
|
|||
|
byte[] buffer = new byte[bytesize] ;
|
|||
|
OutputStream outstream = theblob.getBinaryOutputStream() ;
|
|||
|
int length = -1 ;
|
|||
|
|
|||
|
while((length = source.read(buffer)) != -1)
|
|||
|
outstream.write(buffer, 0 , length) ;
|
|||
|
outstream.close() ;
|
|||
|
}
|
|||
|
else {
|
|||
|
sql = "insert into ImageFile values(?,?,?,?,?)";
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.setInt(1,imageid);
|
|||
|
statement.setString(2,filename) ;
|
|||
|
statement.setString(3,contenttype) ;
|
|||
|
statement.setBinaryStream(4,source,fileLength);
|
|||
|
statement.setInt(5,1);
|
|||
|
statement.executeUpdate();
|
|||
|
}
|
|||
|
|
|||
|
source.close();
|
|||
|
thefile.delete() ;
|
|||
|
|
|||
|
try { // add by liuyu to get image file width and height
|
|||
|
if(contenttype.indexOf("image") != -1 && needimagewidth) {
|
|||
|
sql = "select imagefile from ImageFile where imagefileid = "+imageid;
|
|||
|
statement.setStatementSql(sql);
|
|||
|
statement.executeQuery();
|
|||
|
statement.next() ;
|
|||
|
byte[] imagebyte = null ;
|
|||
|
if( isoracle ) imagebyte = statement.getBlobByte("imagefile") ;
|
|||
|
else imagebyte = statement.getBytes("imagefile") ;
|
|||
|
ByteArraySeekableStream bs = new ByteArraySeekableStream(imagebyte) ;
|
|||
|
RenderedOp bimage = JAI.create("stream", bs);
|
|||
|
imagewidth.add(""+bimage.getWidth()) ;
|
|||
|
imageheight.add(""+bimage.getHeight()) ;
|
|||
|
}
|
|||
|
else {
|
|||
|
imagewidth.add("0") ;
|
|||
|
imageheight.add("0") ;
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception imgex) {
|
|||
|
imagewidth.add("0") ;
|
|||
|
imageheight.add("0") ;
|
|||
|
}
|
|||
|
|
|||
|
statement.close() ;
|
|||
|
}
|
|||
|
catch (Exception ex) { writeLog(ex); }
|
|||
|
|
|||
|
return imageid+""; */
|
|||
|
}
|
|||
|
|
|||
|
private synchronized String saveFile(String uploadname, String paramFileName, MultipartRequest mpdata) {
|
|||
|
|
|||
|
int imageid = 0;
|
|||
|
String filepath = mpdata.getFilePath(uploadname);
|
|||
|
String filename = mpdata.getFileName(uploadname);
|
|||
|
String originalfilename = paramFileName;
|
|||
|
String contenttype = mpdata.getContentType(uploadname);
|
|||
|
long filesize = mpdata.getFileSize(uploadname);
|
|||
|
|
|||
|
String _imagefilename = Util.null2String(getParameter("imagefilename"));
|
|||
|
String __originalfilename = Util.null2String(originalfilename);
|
|||
|
String _extname = __originalfilename.contains(".") ? __originalfilename.substring(__originalfilename.indexOf(".")) : "";
|
|||
|
if (!_imagefilename.isEmpty() && ("".equals(_extname) || _imagefilename.endsWith(_extname))) {
|
|||
|
originalfilename = _imagefilename;
|
|||
|
}
|
|||
|
if (filesize == 0) {
|
|||
|
writeLog("^^^^^^^^^(文件大小为0)(" + originalfilename + ")^^^^^^^^^^^filepath=" + filepath + filename);
|
|||
|
return null;
|
|||
|
}
|
|||
|
|
|||
|
String filerealpath = filepath + filename;
|
|||
|
|
|||
|
//tagtag需要压缩图片
|
|||
|
//System.out.println("contenttype:"+ contenttype);
|
|||
|
//System.out.println("filerealpath:"+ filerealpath);
|
|||
|
String needCompressionPic = (String) this.request.getAttribute("needCompressionPic");
|
|||
|
if ("1".equals(needCompressionPic) && !needzip) {
|
|||
|
PicCompression picCompression = new PicCompression();
|
|||
|
String s = picCompression.compress(filerealpath, 1280, 1024, 1);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
String imagefileused = "1";
|
|||
|
String iszip = "0";
|
|||
|
String isencrypt = "0";
|
|||
|
if (needzip) iszip = "1";
|
|||
|
if (needzipencrypt) isencrypt = "1";
|
|||
|
|
|||
|
|
|||
|
RecordSet rs = new RecordSet();
|
|||
|
char separator = Util.getSeparator();
|
|||
|
|
|||
|
//rs.executeProc("SequenceIndex_SelectFileid" , "" );
|
|||
|
//if( rs.next() ) imageid = Util.getIntValue(rs.getString(1));
|
|||
|
imageid = imageFileIdUpdate.getImageFileNewId();
|
|||
|
String originalfilenameflag = originalfilename;
|
|||
|
try {
|
|||
|
// if(UrlEncoderUtils.hasUrlEncoded(originalfilename)){
|
|||
|
//originalfilename = originalfilename.replaceAll("[%]","%25").replaceAll("[+]","%2B");
|
|||
|
originalfilename = URLDecoder.decode(originalfilename, "utf-8");
|
|||
|
// }
|
|||
|
} catch (Exception e) {
|
|||
|
originalfilename = originalfilenameflag;
|
|||
|
//e.printStackTrace();
|
|||
|
}
|
|||
|
String para = "" + imageid + separator + originalfilename + separator
|
|||
|
+ contenttype + separator + imagefileused + separator + filerealpath + separator
|
|||
|
+ iszip + separator + isencrypt + separator + filesize;
|
|||
|
|
|||
|
rs.executeProc("ImageFile_Insert", para);
|
|||
|
AliOSSObjectManager aliOSSObjectManager = new AliOSSObjectManager();
|
|||
|
String tokenKey = aliOSSObjectManager.getTokenKeyByFileRealPath(filerealpath);
|
|||
|
String secretLevel = Util.null2s(getParameter("secretLevel"), DocManager.DEFAILT_SECRET_LEVEL + "");
|
|||
|
String secretValidity = Util.null2s(getParameter("secretLevelValidity"), "");
|
|||
|
String name = Util.null2s(getParameter("name"), "");
|
|||
|
|
|||
|
String sql = "update imagefile set isaesencrypt=" + isaesencrypt + ", aescode='" + aescode + "',TokenKey='" + tokenKey + "',secretLevel=" + secretLevel + ",secretValidity='" + secretValidity + "' where imagefileid=" + imageid;
|
|||
|
// rs.writeLog("fileupload2222-----fileid:"+imageid+"---name:"+name+"--secretLevel:"+secretLevel+"--secretValidity:"+secretValidity+"--sql:"+sql);
|
|||
|
// 更新加密信息
|
|||
|
rs.executeUpdate(sql);
|
|||
|
|
|||
|
aliOSSObjectManager.uploadFile(filerealpath, originalfilename, iszip, isaesencrypt, aescode);
|
|||
|
|
|||
|
try { // add by liuyu to get image file width and height
|
|||
|
if (contenttype.indexOf("image") != -1 && needimagewidth) {
|
|||
|
File thefile = mpdata.getFile(uploadname);
|
|||
|
long fileLength = thefile.length();
|
|||
|
filesizes.add("" + fileLength);
|
|||
|
|
|||
|
if (needzip) {
|
|||
|
ZipInputStream zin = new ZipInputStream(new FileInputStream(thefile));
|
|||
|
if (zin.getNextEntry() != null) source = new BufferedInputStream(zin);
|
|||
|
} else source = new BufferedInputStream(new FileInputStream(thefile));
|
|||
|
|
|||
|
if (isaesencrypt.equals("1")) {
|
|||
|
source = AESCoder.decrypt(source, aescode);
|
|||
|
}
|
|||
|
//byte[] imagebyte = new byte[64*1024] ;
|
|||
|
//StringBuffer buf = new StringBuffer();
|
|||
|
//while (source.read(imagebyte, 0, imagebyte.length) != -1) buf.append(imagebyte);
|
|||
|
//ByteArraySeekableStream bs = new ByteArraySeekableStream((buf.toString()).getBytes()) ;
|
|||
|
//RenderedOp bimage = JAI.create("stream", bs);
|
|||
|
//imagewidth.add(""+bimage.getWidth()) ;
|
|||
|
//imageheight.add(""+bimage.getHeight()) ;
|
|||
|
|
|||
|
|
|||
|
ImageInfo ii = new ImageInfo();
|
|||
|
ii.setInput(source);
|
|||
|
if (!ii.check()) {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
} else {
|
|||
|
imagewidth.add("" + ii.getWidth());
|
|||
|
imageheight.add("" + ii.getHeight());
|
|||
|
}
|
|||
|
} else {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
filesizes.add("0");
|
|||
|
}
|
|||
|
} catch (Exception imgex) {
|
|||
|
imagewidth.add("0");
|
|||
|
imageheight.add("0");
|
|||
|
filesizes.add("0");
|
|||
|
}
|
|||
|
|
|||
|
return imageid + "";
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
private boolean isMultipartData(HttpServletRequest req) {
|
|||
|
return Util.null2String(req.getContentType()).toLowerCase().startsWith("multipart/form-data");
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
public static String getCreateDir(String createdir) {
|
|||
|
|
|||
|
if (createdir == null) {
|
|||
|
StaticObj staticObj = StaticObj.getInstance();
|
|||
|
staticObj.removeObject("SystemInfo");
|
|||
|
SystemComInfo syscominfo = new SystemComInfo();
|
|||
|
createdir = syscominfo.getFilesystem();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
if (createdir == null || createdir.equals("")) createdir = GCONST.getSysFilePath();
|
|||
|
else {
|
|||
|
createdir = Util.StringReplace(createdir, "\\", "#$^123");
|
|||
|
createdir = Util.StringReplace(createdir, "/", "#$^123");
|
|||
|
createdir = Util.StringReplace(createdir, "#$^123", File.separator);
|
|||
|
//if( createdir.lastIndexOf(File.separator) < 0 ) createdir += File.separator ;
|
|||
|
|
|||
|
if (!createdir.endsWith(File.separator)) {
|
|||
|
createdir += File.separator;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
Calendar today = Calendar.getInstance();
|
|||
|
String currentyear = Util.add0(today.get(Calendar.YEAR), 4);
|
|||
|
String currentmonth = Util.add0(today.get(Calendar.MONTH) + 1, 2);
|
|||
|
|
|||
|
Random random = new Random();
|
|||
|
int randomint = 1 + random.nextInt(26);
|
|||
|
String charstr = Util.getCharString(randomint);
|
|||
|
|
|||
|
createdir += currentyear + currentmonth + File.separatorChar + charstr + File.separatorChar;
|
|||
|
String ostype = System.getProperty("os.arch");
|
|||
|
String osname = System.getProperty("os.name").toLowerCase();
|
|||
|
//if (!ostype.equals("x86")&&!ostype.equals("amd64")) {
|
|||
|
if (!osname.startsWith("windows")) {
|
|||
|
try {
|
|||
|
if (!createdir.substring(0, 1).equals(File.separator)) {
|
|||
|
new BaseBean().writeLog("WRAN................File path=[" + createdir + "] os=[" + ostype + "]");
|
|||
|
createdir = File.separator + createdir;
|
|||
|
new BaseBean().writeLog("WRAN................Changed path=[" + createdir + "] os=[" + ostype + "]");
|
|||
|
}
|
|||
|
} catch (Exception e) {
|
|||
|
}
|
|||
|
}
|
|||
|
return createdir;
|
|||
|
}
|
|||
|
|
|||
|
//获取文件的原始名称
|
|||
|
public String getFileOriginalFileName(String uploadame) {
|
|||
|
return SecurityMethodUtil.textXssClean(mpdata.getOriginalFileName(uploadame));
|
|||
|
}
|
|||
|
|
|||
|
//根据文件名获取文件
|
|||
|
public File getFile(String filename) {
|
|||
|
return mpdata.getFile(filename);
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 根据参数名判断文件是否可以上传, 查询参数名为file对应的文件的后缀
|
|||
|
*
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public boolean canUploadCheckBySecid() {
|
|||
|
return canUploadCheckBySecid("file");
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* 根据 uplaodfilename 查找指定的物理文件的文件名,判断文件是否可以上传
|
|||
|
*
|
|||
|
* @param uplaodfilename
|
|||
|
* @return
|
|||
|
*/
|
|||
|
public boolean canUploadCheckBySecid(String uplaodfilename) {
|
|||
|
int secid = Util.getIntValue(this.getParameter("secid"), -1);
|
|||
|
|
|||
|
String paramFileName = this.getFileOriginalFileName(uplaodfilename); //获取参数当中的文件名
|
|||
|
if (secid <= 0) {
|
|||
|
return FileSuffixCheckUtil.isEnableUpload(paramFileName);
|
|||
|
} else {
|
|||
|
return FileSuffixCheckUtil.isEnableUploadBySecId(secid, paramFileName);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/**
|
|||
|
* @param fileName 文件名
|
|||
|
* @param fieldId 附件字段id
|
|||
|
* @param workflowId 流程id
|
|||
|
* @return 文件上传后端校验是否通过
|
|||
|
*/
|
|||
|
public boolean checkFileSuffix(String fileName, int fieldId, int workflowId) {
|
|||
|
RecordSet rs1 = new RecordSet();
|
|||
|
//查询单个字段设置
|
|||
|
String sql1 = "select limittype,limitvalue from workflow_fileupload where fieldid = " + fieldId + " and workflowid =" + workflowId;
|
|||
|
//查询默认设置
|
|||
|
String sql2 = "select limitvalue from workflow_base where id = " + workflowId;
|
|||
|
//查询新表单
|
|||
|
String sql3 = "select FIELDHTMLTYPE,TYPE from workflow_billfield where id = " + fieldId;
|
|||
|
//查询老表单主表
|
|||
|
String sql4 = "select fieldhtmltype,type from workflow_formdict where id = " + fieldId;
|
|||
|
//查询老表单明细表
|
|||
|
String sql5 = "select fieldhtmltype,type from workflow_formdictdetail where id = " + fieldId;
|
|||
|
|
|||
|
String limitType = "";//单个字段设置类型
|
|||
|
String limitValueField = "";//单个字段设置限制格式
|
|||
|
String limitValueDefult = "";//默认限制格式
|
|||
|
String fileNameSuffix = FileSuffixCheckUtil.getFileNameSuffix(fileName);//上传的文件名后缀
|
|||
|
|
|||
|
rs1.executeQuery(sql1);
|
|||
|
while (rs1.next()) {
|
|||
|
limitType = Util.null2String(rs1.getString("limittype"));
|
|||
|
limitValueField = Util.null2String(rs1.getString("limitvalue"));
|
|||
|
}
|
|||
|
rs1.execute(sql2);
|
|||
|
while (rs1.next()) {
|
|||
|
limitValueDefult = Util.null2String(rs1.getString("limitvalue"));
|
|||
|
}
|
|||
|
|
|||
|
//新表单
|
|||
|
String fieldHtmlTypeNew = "";//新表单字段大类型
|
|||
|
String typeNew = "";//新表单字段小类型
|
|||
|
rs1.executeQuery(sql3);
|
|||
|
while (rs1.next()) {
|
|||
|
fieldHtmlTypeNew = Util.null2String(rs1.getString(1));
|
|||
|
typeNew = Util.null2String(rs1.getString(2));
|
|||
|
}
|
|||
|
//校验新表单字段是否为图片,如果是图片,则不校验,直接放行
|
|||
|
if ("6".equals(fieldHtmlTypeNew) && "2".equals(typeNew)) {
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
//老表单主表
|
|||
|
String fieldHtmlTypeOld = "";//老表单字段大类型
|
|||
|
String typeOld = "";//老表单字段小类型
|
|||
|
rs1.execute(sql4);
|
|||
|
while (rs1.next()) {
|
|||
|
fieldHtmlTypeOld = Util.null2String(rs1.getString(1));
|
|||
|
typeOld = Util.null2String(rs1.getString(2));
|
|||
|
}
|
|||
|
//校验老表单字段是否为图片,如果是图片,则不校验,直接放行
|
|||
|
if ("6".equals(fieldHtmlTypeOld) && "2".equals(typeOld)) {
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
//老表单明细表
|
|||
|
String fieldHtmlTypeDetailOld = "";//老表单明细字段大类型
|
|||
|
String typeDetailOld = "";//老表单明细字段小类型
|
|||
|
rs1.execute(sql5);
|
|||
|
while (rs1.next()) {
|
|||
|
fieldHtmlTypeDetailOld = Util.null2String(rs1.getString(1));
|
|||
|
typeDetailOld = Util.null2String(rs1.getString(2));
|
|||
|
}
|
|||
|
//校验老表单字段是否为图片,如果是图片,则不校验,直接放行
|
|||
|
if ("6".equals(fieldHtmlTypeDetailOld) && "2".equals(typeDetailOld)) {
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
//如果默认和字段都没有设置格式限制,或者字段选择了格式显示,但是格式限制为空,则直接允许提交
|
|||
|
if (("".equals(limitValueField) && "".equals(limitValueDefult)) || ("1".equals(limitType) && "".equals(limitValueField))) {
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
//先校验单个字段,如果单个字段没有设置格式校验,则校验默认的格式设置
|
|||
|
if ("1".equals(limitType)) {
|
|||
|
String[] formats = limitValueField.split(",");
|
|||
|
return Util.contains(formats, fileNameSuffix);
|
|||
|
}
|
|||
|
if ("0".equals(limitType)) {
|
|||
|
String[] restrictedFormat = limitValueDefult.split(",");
|
|||
|
return Util.contains(restrictedFormat, fileNameSuffix);
|
|||
|
}
|
|||
|
|
|||
|
return false;
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|